Hi @yahyatarek
1. Yes, you can have AES key in the NVM catalog.
There’s a set of rules how the catalog should be configured. This can be found in section “6.1.5 Key catalog” in HSE Firmware Reference Manual rev. 2.7.
There’s an example of NVM catalog on page 105 and there’s a list of reasons why the service can fail (page 106).
2. There are specific rules for SHE keys. This is described in section “6.3 Key management: SHE keys”. In short, SHE keys must be mapped to key group 0 and the group owner must be HSE_KEY_OWNER_ANY. Extended SHE keys must be mapped to key groups 1 – 4. If SHE keys are not used, you can map any keys to these groups.
You can have only one SHE RAM key which must be mapped to group 0 in RAM catalog. There’s an example in “6.3.4 Declaration example”:
hseKeyGroupCfgEntry_t my_RAM_key_catalog[] = {
/* SHE keys */ {HSE_MU0_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_SHE, 1, 128}, /* RAM_KEY */
{0, 0, 0, 0, 0}
};
If this doesn’t help, please share your configuration of the catalogs.
Regards,
Lukas